Bug Bounty Programs – Get rewarded for reporting bugs

What is Bug Bounty Program?

Bugs in a website or a software leads to vulnerabilities and exploits. Many websites and software developers offer a deal called Bug Bounty Programs, also called vulnerability reward programs (VRPs) where individuals (Software Security Researchers and White hat hackers) get recognition and compensation for reporting these type of bugs. The main aim of these programs is to discover and resolve the bugs before public is aware of them thereby preventing incidents that cost a lot. Many websites like Facebook, Google, Yahoo and Microsoft have implemented these programs.

This program took its creation at Netscape Communications Corporation which was a huge success.

Bug reports must provide enough information for the organization offering bounty to resolve the bug and the vulnerability present. The payment amounts differ depending on the size of the organization, difficulty in hacking in to the system and the impact of bug on the users.

Some Bug Bounty Programs:

Facebook White hat Program :

Languages Used : C++, PHP, D, Java, Python (Server-side); JavaScript (Client-side)Payment Offered : Minimum $500 USD and no pre-determined maximum pay.
Facebook has given as much as $20000 for reporting a single bug.

It’s safe and good that bounty programs are gaining momentum day by day. With more and more security companies encouraging security research and promoting awareness among enthusiasts, the cyber crimes will come down hopefully.